<?php
// Bootstrap. $tpl, MEDIA_PATH and the helper functions called in this script are
// not defined in this file; presumably conf/top.php provides them.
require_once 'conf/top.php';
$template = $tpl->loadTemplate('panier.html');

// The database connection is opened before the session is started.
connectDb();
session_start();

// Theme selection is handled in the project library.
$theme = theme();

// Message buckets passed to the template; null means nothing to display.
$erreurs = $infos = null;

// Logged-in user with a non-empty cart: let the library clean it up.
// NOTE(review): supprimerMesArticle() is not visible here; presumably it removes
// the user's own listings from the cart. Confirm against the library.
if (!empty($_SESSION['id_user']) && !empty($_SESSION['panier']['produits'])) {
	supprimerMesArticle($_SESSION['id_user']);
}

// Anonymous visitor with products in the cart: warn once that a login is required
// before the next step of the order.
$visiteurAvecPanier = empty($_SESSION['id_user']) && !empty($_SESSION['panier']['produits']);
if ($visiteurAvecPanier && empty($infos)) {
	$infos[] = "Attention vous devrez vous connecter pour pouvoir passer à l'étape suivante de la commande.";
}

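// Cart actions posted by the cart page: add an article or remove one.
// NOTE(review): no anti-CSRF token is checked in this file. If conf/top.php does not
// verify one, both actions can be triggered by a cross-site form. Confirm.
if (isset($_POST['ajouterPanier'])) {
	// Every field below comes from the client, including price, id_user, firstname
	// and lastname. None of them can be trusted as submitted.
	$champs = array('categorie', 'dates', 'duration', 'price', 'id_user', 'firstname', 'lastname', 'id_availability');

	// Default each field to null so a missing field never reaches floatval() or
	// checkProduct() as an undefined variable.
	$valeurs = array_fill_keys($champs, null);

	foreach ($champs as $champ) {
		// Accept plain strings only: a request such as `categorie[]=x` would otherwise
		// pass an array to stripslashes(). As before, empty() also treats "0" as missing.
		if (!isset($_POST[$champ]) || !is_string($_POST[$champ]) || empty($_POST[$champ])) {
			continue;
		}

		// NOTE(review): HTML-escaping at input time and replacing the word "script" is a
		// blacklist, not a validation. It alters legitimate values, and it double-encodes
		// if the template engine also escapes. Prefer validating each field's format here
		// and escaping at output. Kept unchanged because stored cart data depends on it.
		$valeur = htmlspecialchars(stripslashes($_POST[$champ]));
		$valeur = str_ireplace("script", "blocked", $valeur);

		// The original wrote the cleaned value back into $_POST; kept in case later code reads it.
		$_POST[$champ] = $valeur;
		$valeurs[$champ] = $valeur;
	}

	$categorie = $valeurs['categorie'];
	$dates = $valeurs['dates'];
	$duration = $valeurs['duration'];
	$id_user = $valeurs['id_user'];
	$firstname = $valeurs['firstname'];
	$lastname = $valeurs['lastname'];
	$id_availability = $valeurs['id_availability'];

	// Force the price to a float. A missing or non-numeric value becomes 0.0.
	$price = floatval($valeurs['price']);

	// Test the cleaned local values rather than $_POST, so a rejected non-string
	// field counts as missing.
	if (!empty($categorie) && !empty($dates)) {
		// NOTE(review): a checkProduct() failure is reported as an injection attempt, so it
		// appears to be the server-side integrity check. It is not visible here. Confirm that
		// it re-derives price and owner identity from the database instead of only
		// comparing the posted values with each other.
		if (checkProduct($id_user, $firstname, $lastname, $dates, $duration, $categorie, $price, $id_availability)) {
			ajouterArticle($id_user, $firstname, $lastname, $dates, $duration, $categorie, $price, $id_availability);
			if (empty($_SESSION['id_user']) && !empty($_SESSION['panier']['produits']) && empty($infos)) {
				$infos[] = "Attention vous devrez vous connecter pour pouvoir passer à l'étape suivante de la commande.";
			}
		} else {
			$erreurs[] = "Et non! L'injection n'a pas fonctionnée vil personnage !";
		}
	} else {
		$erreurs[] = "Vous n'avez pas remplis de catégorie ou de date.";
	}
} elseif (isset($_POST['supprimerArticle'])) {
	// Remove-from-cart request. Both identifiers are forwarded exactly as received,
	// with no type or format check here.
	// NOTE(review): supprimerArticle() is not visible; it must treat both values as untrusted.
	$suppAvailability = !empty($_POST['suppAvailability']) ? $_POST['suppAvailability'] : null;
	$suppDates = !empty($_POST['suppDates']) ? $_POST['suppDates'] : null;

	if (!empty($suppAvailability) && !empty($suppDates)) {
		supprimerArticle($suppDates, $suppAvailability);
	}
}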

// Cart total defaults to 0 and is computed only when the cart holds products.
$montantPanier = 0;

$createPanier = creationPanier();
if (!empty($_SESSION['panier']['produits'])) {
	$montantPanier = MontantGlobal();
}

// Template context.
// NOTE(review): the whole $_SESSION array is exposed to the template, and whether output
// is escaped depends on the template engine configuration, which is not visible here.
// Confirm that auto-escaping is on, and consider passing only the keys the template needs.
$contexte = array(
	'MEDIA_PATH' => MEDIA_PATH,
	'createPanier' => $createPanier,
	'session' => $_SESSION,
	'theme' => $theme,
	'montantPanier' => $montantPanier,
	'erreurs' => $erreurs,
	'infos' => $infos,
);

echo $template->render($contexte);
?>

